Skip to content

Releases: mendersoftware/mender-artifact

v4.2.0

21 Oct 07:24
@mender-test-bot mender-test-bot
4.2.0
f655424
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
v4.2.0 Latest
Latest

4.2.0 - 2025-10-15

Features

  • Optionally warn or fail on large Artifact sizes
    (MEN-8567) (5f23818) by @lluiscampos

    The write commands can now warn or fail when creating Artifacts bigger
    than a certain size. This feature is meant to be used with upcoming
    Mender Tier plans, which may set up limits on the Artifact size.

    The behaviour can be controlled with the flags:

    • --warn-artifact-size to soft warn on Artifacts larger than the limit
    • --max-artifact-size to hard fail on Artifacts larger than the limit

    Note that the limits are not enforced when streaming to stdout output,
    nor on other commands that may increase the Artifact size like modify,
    cp or install.

Build

  • Fix make test target
    (41c96f0) by @lluiscampos

    The well-intended commit ba669f0 broke make test when improving
    the make coverage target :)

Contributors

lluiscampos
Assets 2
Loading

v4.1.1

17 Sep 12:18
@mender-test-bot mender-test-bot
4.1.1
aad6c37
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
v4.1.1

4.1.1 - 2025-09-17

Bug fixes

  • Call show-provides with sudo
    (MEN-8382) (f92cc16) by @michalkopczan

  • Add validation rules for validating string parameters
    (MEN-8513) (ddd821f) by @alfrunes

    Artifact name and group must no more than 256 characters and contain
    printable characters. Only characters from the following Unicode
    categories are allowed: L, M, N, P, S and ASCII white space.

    Creating artifact violating these conditions will result in an error.
    Reading an existing artifact will print a warning.

  • Mender-artifact hangs when ssh connection fails silently
    (MEN-8429) (9db4a2b) by @michalkopczan

  • Mender-artifact does not reenable echo on ssh error
    (MEN-8428) (15921d6) by @michalkopczan

    Original idea was to handle reenabling echo thanks to EchoSigHandler, but it was failing sometimes.
    The issue was that EchoSigHandler, when finishing its execution, sends an error to errChan. We need
    to wait on errChan until we get something on it - meaning that the EchoSigHandler finished,
    and we can safely exit the application.

    However, before my changes, if there was an error returned before reaching
    if s.sigChan != nil { signal.Stop(s.sigChan) s.cancel() if err := <-s.errChan; err != nil { return err } }

    So, for example, here:
    _, err = recvSnapshot(f, command.Stdout) if err != nil { _ = command.Cmd.Process.Kill() return "", err }

    Then we never waitied on errChan. Application was closed, EchoSigHandler never got the chance to
    reenable echo (sometimes it did, sometimes it didn't), and we were left with echo disabled.

    Adding a separate function that waits for errChan, and deferring it, we have the problem solved.

  • Split token into fixed number of parts
    (SEC-1676) (0cce29b) by @lluiscampos

    Fixes CVE-2025-22868. Fix ported from
    https://go-review.googlesource.com/c/oauth2/+/652155

Documentation

Contributors

lluiscampos, alfrunes, and michalkopczan
Loading